Bump github.com/gardener/gardener from 1.133.0 to 1.134.1

[dependabot]

Bumps github.com/gardener/gardener from 1.133.0 to 1.134.1.

Release notes

Sourced from github.com/gardener/gardener's releases.

v1.134.1

[github.com/gardener/gardener:v1.134.1]

⚠️ Breaking Changes

• [DEVELOPER] Change the registry port in the local setup to :5001. by @​LucaBernstein [#13672]

🐛 Bug Fixes

• [OPERATOR] Refactor the collector journald receiver to capture kernel logs via a more stable method. by @​rrhubenov [#13730]
• [OPERATOR] An issue causing credentials rotation for the Garden resource to fail is now fixed. by @​ialidzhikov [#13738]

Helm Charts

• controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.134.1
• gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.134.1
• operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.134.1
• resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.134.1

Container (OCI) Images

• admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.134.1
• apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.134.1
• controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.134.1
• gardenadm: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.134.1
• gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.134.1
• node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.134.1
• operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.134.1
• resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.134.1
• scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.134.1

v1.134.0

[github.com/gardener/gardener:v1.134.0]

⚠️ Breaking Changes

• [OPERATOR] The DoNotCopyBackupCredentials feature gate has been promoted to GA and can no longer be disabled. The Seed backup secret is no longer copied from the Shoot infrastructure credentials in case an operator does not provide an existing backup secret. If you configure seed.spec.backup.credentialsRef, make sure that the referred credential already exists. For production setups, it is advised that operators configure a separate set of credentials for Seed backup and Shoot infrastructure. by @​dimityrmirchev [#13564]

• [OPERATOR] Several fields and configurations of operator.gardener.cloud/v1alpha1.Extension resources are now validated:

  • At least an extension or admission deployment must be specified (spec.deployment.{extension,admission})
  • A Helm deployment configuration must be in place (spec.deployment.extension.helm or spec.deployment.admission.{runtimeCluster,virtualCluster}.helm)
  • A valid OCI repository configuration is required (helm.ociRepository)

  Please check your Extension resources and rectify them accordingly, before upgrading to this version. by @​timuthy [#13528]

• [OPERATOR] The GA-ed and unconditionally enabled ShootCredentialsBinding feature gate is removed. If you have references to this feature gate, clean them up before upgrading to this version of Gardener. by @​ialidzhikov [#13576]

• [DEVELOPER] Ensure you have the docker compose plugin installed for starting the local setup. by @​timebertt [#13551]

• [DEVELOPER] The registry for the local development setup is now exposed under registry.local.gardener.cloud instead of garden.local.gardener.cloud. Make sure to update your /etc/hosts file by replacing the existing 127.0.0.1 garden.local.gardener.cloud entries with 127.0.0.1 registry.local.gardener.cloud. by @​timebertt [#13551]

• [DEVELOPER] To support self-hosted shoots with managed infrastructure, the Worker extension (controller/delegate) needs to use the technical ID from Cluster.shoot.status.technicalID for prefixing the names of machine-related objects. The Worker namespace is kube-system for self-hosted shoots. Read the docs. by @​timebertt [#13485]

📰 Noteworthy

• [OPERATOR] As the DoNotCopyBackupCredentials feature gate cannot be disabled, backup secrets that were copied from Shoot infrastructure credentials in previous reconciliations are labeled with gardener.cloud/secret-status=previously-managed and Gardener no longer takes care of them. Operators are responsible to delete those if unused for other scenarios. by @​dimityrmirchev [#13564]
• [OPERATOR] Introduced GEP-35 that outlines a migration strategy from Vali to VictoriaLogs as a database for Garden, Seed & Shoot clusters. by @​rrhubenov [#13242]

✨ New Features

• [OPERATOR] Istio-gateways now provide access logs for requests to kube-apiservers via the apiserver-proxy endpoint when IstioTLSTermination feature gate is active. by @​oliver-goetz [#13569]
• [OPERATOR] Seed clusters are now labelled with a specific extension label extensions.extensions.gardener.cloud/<extension-type>: true whenever such an extension is activated for the seed. by @​timuthy [#13509]
• [USER] Istio access logs are now visible for users in the shoot plutono. by @​majst01 [#13548]
• [DEVELOPER] The Worker extension no longer needs to fetch the machine state from the ShootState object in the garden cluster. Instead, Gardener populates the machine state directly in the Worker.status.state field on restoration of the shoot. Read the docs. by @​timebertt [#13485]

... (truncated)

Commits

• 22f673d release v1.134.1
• 17e653c gardener-operator: Run renew Seed Secrets tasks sequentially (#13738)
• e859eef Reliably capture kernel logs using SYSLOG_IDENTIFIER (#13730)
• 0ca55b0 [release-v1.134] Switch registry port in local setup from :5000 to :5001 ...
• 76131f4 next version: v1.134.1-dev
• 1eab8d4 release v1.134.0
• 2cab34b Ensure secrets management is initialized before updating advertised addresses...
• c8fd090 Improve extractObjectsFromSecret function to ignore whitespaces (#13622)
• 50a6fd7 Update kubernetes packages to v0.34.3 (#13627)
• 1d4af10 Update dependency kubernetes/kubernetes to v1.34.3 (#13626)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #351.